Dernières news

• Panera Bread - 5,112,502 breached accounts

  31/01/26 04:19 | Catégorie : Have I Pwned

  In January 2026, Panera Bread suffered a data breach that exposed 14M records. After an attempted extortion failed, the attackers published the data publicly, which included 5.1M unique email addresses along with associated account information such as names, phone numbers and physical addresses. Panera Bread subsequently confirmed that "the data involved is contact information" and that authorities were notified.

• SoundCloud - 29,815,722 breached accounts

  27/01/26 02:13 | Catégorie : Have I Pwned

  In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform. The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users. The impacted data included 30M unique email addresses, names, usernames, avatars, follower and following counts and, in some cases, the user’s country. The attackers later attempted to extort SoundCloud before publicly releasing the data the following month.

• Under Armour - 72,742,892 breached accounts

  21/01/26 07:34 | Catégorie : Have I Pwned

  In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom, alleging they had obtained access to 343GB of data. In January 2026, customer data from the incident was published publicly on a popular hacking forum, including 72M email addresses. Many records also contained additional personal information such as names, dates of birth, genders, geographic locations and purchase information.

• Raaga - 10,225,145 breached accounts

  19/01/26 18:33 | Catégorie : Have I Pwned

  In December 2025, data allegedly breached from the Indian streaming music service "Raaga" was posted for sale to a popular hacking forum. The data contained 10M unique email addresses along with names, genders, ages (in some cases, full date of birth), postcodes and passwords stored as unsalted MD5 hashes.

• Pass'Sport - 6,366,133 breached accounts

  18/01/26 17:26 | Catégorie : Have I Pwned

  In December 2025, data from France's Pass'Sport program was posted to a popular hacking forum. Initially misattributed to CAF (the French family allowance fund), the data contained 6.5M unique email addresses affecting 3.5M households. The data also included names, phone numbers, genders and physical addresses. The Ministry of Sports subsequently released a statement acknowledging the incident.

• Instagram - 6,215,150 breached accounts

  11/01/26 17:59 | Catégorie : Have I Pwned

  In January 2026, data allegedly scraped via an Instagram API was posted to a popular hacking forum. The dataset contained 17M rows of public Instagram information, including usernames, display names, account IDs, and in some cases, geolocation data. Of these records, 6.2M included an associated email address, and some also contained a phone number. The scraped data appears to be unrelated to password reset requests initiated on the platform, despite coinciding in timeframe. There is no evidence that passwords or other sensitive data were compromised.

• BreachForums (2025) - 324,449 breached accounts

  10/01/26 12:06 | Catégorie : Have I Pwned

  In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies. In the months leading up to the takedown, the site itself suffered a data breach that exposed 324k unique email addresses, usernames, and Argon2 password hashes.

• WhiteDate - 6,076 breached accounts

  06/01/26 07:26 | Catégorie : Have I Pwned

  In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that exposed 6k unique email addresses. The breach exposed extensive further personal information including data related to physical appearance, income, education and IQ.

• WIRED - 2,364,431 breached accounts

  28/12/25 00:29 | Catégorie : Have I Pwned

  In December 2025, 2.3M records of WIRED magazine users allegedly obtained from parent company Condé Nast were published online. The most recent data dated back to the previous September and exposed email addresses and display names, as well as, for a small number of users, their name, phone number, date of birth, gender, and geographic location or full physical address. The WIRED data allegedly represents a subset of Condé Nast brands the hacker also claims to have obtained.

• Utair - 401,400 breached accounts

  26/12/25 05:28 | Catégorie : Have I Pwned

  In August 2020, news broke of a data breach of Russian airline Utair that dated back to the previous year. The breach contained over 400k unique email addresses along with extensive personal information including names, physical addresses, dates of birth, passport numbers and loyalty program details.